Modern browsers allow users to create their own browser accounts (not website accounts). Once logged into browser using browser account, user can synchronise all website accounts. This brings BIG security risks.

Let’s say a user have these accounts:

  • Personal email account (can be used as browser account)
  • Work email account (can be used as browser account too)

Security risk 1:

  • Problem: Log into browser using personal browser account (not website accounts) to synchronise all personal data at public or friend’s computer
  • Risk: Any other person or friend can see all the passwords
  • Solution: Don’t do it

Security risk 2:

  • Problem: Log into browser using work browser account (not website accounts) to synchronise all personal data at any computer
  • Risk: Any system admin at the company can simple set password for the work browser account and log into browser to get all the passwords of user (if sync’ed)
  • Solution: Don’t do it
Advertisements